Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft
File:                     sTSesOfbZTbKeYKWH_rJsykWXF8.mft (raw, json)
Hash identifier:          taptVV1iRJ1A0Plh93uJzHSfXluFjM5Off1pRJw6PV8=
Subject key identifier:   1A:21:7D:52:7B:41:21:37:66:1F:BB:5E:03:8E:D0:73:A4:22:EE:94
Authority key identifier: B1:34:9E:B0:E7:DB:65:36:CA:79:82:96:1F:FA:C9:B3:29:16:5C:5F
Certificate issuer:       /CN=b1349eb0e7db6536ca7982961ffac9b329165c5f
Certificate serial:       0196B558C2CF2967A3AF91C47035816CA232
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft
Manifest number:          01E4
Signing time:             Fri 09 May 2025 14:00:15 +0000
Manifest this update:     Fri 09 May 2025 14:00:15 +0000
Manifest next update:     Sat 10 May 2025 14:00:15 +0000
Files and hashes:         1: sTSesOfbZTbKeYKWH_rJsykWXF8.crl (hash: 4mWXkTfnaWXg02Hsl4I+ZJSl2816xixG7i5RvJxlOlk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 14:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b5:58:c2:cf:29:67:a3:af:91:c4:70:35:81:6c:a2:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1349eb0e7db6536ca7982961ffac9b329165c5f
        Validity
            Not Before: May  9 14:00:15 2025 GMT
            Not After : May 10 14:00:15 2025 GMT
        Subject: CN=1a217d527b412137661fbb5e038ed073a422ee94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:97:a9:62:0e:9e:f5:ce:cc:c6:1f:35:b4:c3:
                    37:4f:40:cc:35:14:a3:24:4e:26:f5:64:52:f1:ac:
                    79:ad:5d:7f:1a:c5:5e:4c:6a:24:07:c3:c1:e8:27:
                    ca:ba:13:e3:c6:e3:d7:b8:61:06:db:09:2b:2d:d0:
                    f7:e1:ac:7d:81:25:83:82:b1:f7:5f:0c:bb:09:76:
                    5a:e4:dc:86:27:13:dd:c9:d8:34:c1:6b:44:3c:01:
                    15:67:b6:c6:2e:44:32:d5:6b:2f:48:59:05:6e:0d:
                    ea:e2:a5:49:20:54:78:19:5b:09:54:9b:d1:9c:6f:
                    7c:ae:33:28:9b:42:33:35:77:b0:be:37:8a:1c:66:
                    9c:5f:ae:8c:92:fd:6d:30:21:1c:38:a0:76:fd:67:
                    a6:83:fd:8a:89:7b:75:20:55:5a:12:73:ac:49:c7:
                    c4:8a:3d:38:81:2c:ec:de:6b:15:29:60:a7:04:61:
                    a6:57:de:71:c4:3e:ee:f9:1f:d7:03:22:b3:8b:05:
                    bf:32:27:c2:ac:b2:46:f6:51:ea:23:34:8f:6d:a5:
                    3a:a7:8f:49:20:42:5c:4c:20:b3:b7:52:6a:46:f1:
                    88:58:4b:9b:bd:29:02:62:f1:62:0b:0d:3d:2b:c2:
                    59:4b:67:e8:a6:be:64:c3:ad:4a:e5:7d:44:61:2a:
                    ce:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:21:7D:52:7B:41:21:37:66:1F:BB:5E:03:8E:D0:73:A4:22:EE:94
            X509v3 Authority Key Identifier:
                keyid:B1:34:9E:B0:E7:DB:65:36:CA:79:82:96:1F:FA:C9:B3:29:16:5C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTSesOfbZTbKeYKWH_rJsykWXF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1b30bf-bcc7-4777-9146-7a30be5cecc0/1/sTSesOfbZTbKeYKWH_rJsykWXF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:e4:b6:d6:df:e7:8f:9e:6c:2e:d6:8b:04:4e:0d:5f:92:3a:
         6a:83:6b:81:96:18:0d:70:8a:88:74:1a:09:2c:51:6d:bc:55:
         b1:ed:de:92:e2:c7:e7:85:3a:24:82:ab:4b:ee:b1:60:6c:88:
         a8:66:d9:08:3b:06:e6:06:16:1c:de:5f:88:19:d3:6b:ba:69:
         9d:49:54:fa:f7:81:b3:8a:eb:41:1e:fe:56:43:01:88:a7:3e:
         2e:b8:5e:96:9c:67:08:61:de:be:b1:50:0b:5a:99:ef:97:65:
         1d:4b:5f:8b:80:af:fa:64:da:2d:7e:13:3a:2d:51:8c:68:6c:
         b2:b5:31:b2:6c:18:6c:a7:23:ea:13:2e:e0:e4:bb:10:0d:70:
         e8:f0:02:8d:4c:5b:9c:5b:25:ac:4a:94:06:78:7d:73:ea:ec:
         4f:f0:9b:ac:06:37:05:8d:9b:fc:fb:81:0e:85:be:04:30:3c:
         7b:64:d3:73:a3:3d:e3:03:c0:62:d3:c3:2a:35:da:b5:b3:c8:
         4f:0b:a7:d5:0e:c8:1f:08:e2:48:c9:0f:fb:09:cd:de:e4:06:
         60:56:74:ee:66:82:9f:d8:c8:8a:7d:21:84:c1:73:0d:e1:2b:
         b5:15:08:8d:fd:69:2a:89:8e:17:0f:ec:b5:b7:71:aa:0d:f0:
         64:bf:a5:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa1WMLPKWejr5HEcDWBbKIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzQ5ZWIwZTdkYjY1MzZjYTc5ODI5NjFmZmFjOWIzMjkx
NjVjNWYwHhcNMjUwNTA5MTQwMDE1WhcNMjUwNTEwMTQwMDE1WjAzMTEwLwYDVQQD
EygxYTIxN2Q1MjdiNDEyMTM3NjYxZmJiNWUwMzhlZDA3M2E0MjJlZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5epYg6e9c7Mxh81tMM3T0DMNRSj
JE4m9WRS8ax5rV1/GsVeTGokB8PB6CfKuhPjxuPXuGEG2wkrLdD34ax9gSWDgrH3
Xwy7CXZa5NyGJxPdydg0wWtEPAEVZ7bGLkQy1WsvSFkFbg3q4qVJIFR4GVsJVJvR
nG98rjMom0IzNXewvjeKHGacX66Mkv1tMCEcOKB2/Wemg/2KiXt1IFVaEnOsScfE
ij04gSzs3msVKWCnBGGmV95xxD7u+R/XAyKziwW/MifCrLJG9lHqIzSPbaU6p49J
IEJcTCCzt1JqRvGIWEubvSkCYvFiCw09K8JZS2fopr5kw61K5X1EYSrOZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBohfVJ7QSE3Zh+7XgOO0HOkIu6UMB8GA1UdIwQY
MBaAFLE0nrDn22U2ynmClh/6ybMpFlxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xYjMwYmYtYmNjNy00Nzc3LTkxNDYt
N2EzMGJlNWNlY2MwLzEvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xYjMwYmYtYmNjNy00Nzc3LTkxNDYtN2EzMGJlNWNlY2Mw
LzEvc1RTZXNPZmJaVGJLZVlLV0hfckpzeWtXWEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEuS21t/n
j55sLtaLBE4NX5I6aoNrgZYYDXCKiHQaCSxRbbxVse3ekuLH54U6JIKrS+6xYGyI
qGbZCDsG5gYWHN5fiBnTa7ppnUlU+veBs4rrQR7+VkMBiKc+LrhelpxnCGHevrFQ
C1qZ75dlHUtfi4Cv+mTaLX4TOi1RjGhssrUxsmwYbKcj6hMu4OS7EA1w6PACjUxb
nFslrEqUBnh9c+rsT/CbrAY3BY2b/PuBDoW+BDA8e2TTc6M94wPAYtPDKjXatbPI
Twun1Q7IHwjiSMkP+wnN3uQGYFZ07maCn9jIin0hhMFzDeErtRUIjf1pKomOFw/s
tbdxqg3wZL+lyA==
-----END CERTIFICATE-----